[METHOD AND SYSTEM FOR 
GLOBALLY RESTRICTINGCLIENT 
ACCESS TO A SECURED WEB 

SITE] 

Abstract of Disclosure 

A method and system are provided for restricting client access to a web site. A 
first web server receives a client login and, in response, allocates a cookie to the 
client containing an access credential having at least one client role-based 
attribute. A second web server hosts the secured web site, the web site having an 
associated security file containing at least one client role-based access privilege. In 
response to the client's HTTP request at the second server, the cookie is retrieved, 
decoded and the access credential is compared to the at least one client role- 
based access privilege. If the access credential has at least one role-based 
attribute in common with the at least one client role-based access privilege, the 
client is granted access to the site. Alternately, a site owner defines a token access 
credential attribute and security file privilege for hierarchal group access to the 
secured web site. 
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